1 /* SPDX-License-Identifier: GPL-2.0-only */ 2 /* 3 * Copyright (C) 2010 IBM Corporation 4 * Author: David Safford <safford@us.ibm.com> 5 */ 6 7 #ifndef _KEYS_TRUSTED_TYPE_H 8 #define _KEYS_TRUSTED_TYPE_H 9 10 #include <linux/key.h> 11 #include <linux/rcupdate.h> 12 #include <linux/tpm.h> 13 14 #ifdef pr_fmt 15 #undef pr_fmt 16 #endif 17 18 #define pr_fmt(fmt) "trusted_key: " fmt 19 20 #define MIN_KEY_SIZE 32 21 #define MAX_KEY_SIZE 128 22 #define MAX_BLOB_SIZE 512 23 #define MAX_PCRINFO_SIZE 64 24 #define MAX_DIGEST_SIZE 64 25 26 struct trusted_key_payload { 27 struct rcu_head rcu; 28 unsigned int key_len; 29 unsigned int blob_len; 30 unsigned char migratable; 31 unsigned char old_format; 32 unsigned char key[MAX_KEY_SIZE + 1]; 33 unsigned char blob[MAX_BLOB_SIZE]; 34 }; 35 36 struct trusted_key_options { 37 uint16_t keytype; 38 uint32_t keyhandle; 39 unsigned char keyauth[TPM_DIGEST_SIZE]; 40 uint32_t blobauth_len; 41 unsigned char blobauth[TPM_DIGEST_SIZE]; 42 uint32_t pcrinfo_len; 43 unsigned char pcrinfo[MAX_PCRINFO_SIZE]; 44 int pcrlock; 45 uint32_t hash; 46 uint32_t policydigest_len; 47 unsigned char policydigest[MAX_DIGEST_SIZE]; 48 uint32_t policyhandle; 49 }; 50 51 struct trusted_key_ops { 52 /* 53 * flag to indicate if trusted key implementation supports migration 54 * or not. 55 */ 56 unsigned char migratable; 57 58 /* Initialize key interface. */ 59 int (*init)(void); 60 61 /* Seal a key. */ 62 int (*seal)(struct trusted_key_payload *p, char *datablob); 63 64 /* Unseal a key. */ 65 int (*unseal)(struct trusted_key_payload *p, char *datablob); 66 67 /* Optional: Get a randomized key. */ 68 int (*get_random)(unsigned char *key, size_t key_len); 69 70 /* Exit key interface. */ 71 void (*exit)(void); 72 }; 73 74 struct trusted_key_source { 75 char *name; 76 struct trusted_key_ops *ops; 77 }; 78 79 extern struct key_type key_type_trusted; 80 81 #define TRUSTED_DEBUG 0 82 83 #if TRUSTED_DEBUG 84 static inline void dump_payload(struct trusted_key_payload *p) 85 { 86 pr_info("key_len %d\n", p->key_len); 87 print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE, 88 16, 1, p->key, p->key_len, 0); 89 pr_info("bloblen %d\n", p->blob_len); 90 print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE, 91 16, 1, p->blob, p->blob_len, 0); 92 pr_info("migratable %d\n", p->migratable); 93 } 94 #else 95 static inline void dump_payload(struct trusted_key_payload *p) 96 { 97 } 98 #endif 99 100 #endif /* _KEYS_TRUSTED_TYPE_H */ 101
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.